return to login page if auth fails, existing auth session has timed out, or existing...
authorerickson <erickson@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Thu, 7 Aug 2008 13:49:30 +0000 (13:49 +0000)
committererickson <erickson@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Thu, 7 Aug 2008 13:49:30 +0000 (13:49 +0000)
git-svn-id: svn://svn.open-ils.org/ILS/branches/rel_1_2@10296 dcc99617-32d9-48b4-a31d-7c20da2025e4

Open-ILS/src/perlmods/OpenILS/WWW/Proxy.pm

index 84c8f4d..476f288 100644 (file)
@@ -112,11 +112,13 @@ sub handler {
                                )
                        );
                        return Apache2::Const::REDIRECT;
-               }
+               } else {
+            return back_to_login($cgi);
+        }
        }
 
        my $user = verify_login($auth_ses);
-       return Apache2::Const::FORBIDDEN unless ($user);
+    return back_to_login($cgi) unless $user;
 
        $ws_ou ||= $user->home_ou;
 
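Review bot: A failed login in the new `else` branch now returns the same 302 as the successful path directly above it (`return Apache2::Const::REDIRECT;`), and a failed `verify_login` no longer produces a 403, so the access log alone cannot separate failed or expired authentication from success. If repeated login failures should be detectable, the application has to record the attempt before `return back_to_login($cgi);`. At minimum I would put `# failed login: answered with the same 302 as success, log the attempt here` above that line. The `if` this `else` belongs to starts outside the hunk, so which cases reach it is inferred from the commit title. The added lines also appear to use space indentation in narrower steps than the surrounding code.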
@@ -127,12 +129,25 @@ sub handler {
                ->request('open-ils.actor.user.perm.check', $auth_ses, $user->id, $ws_ou, $perms)
                ->gather(1);
 
-       return Apache2::Const::FORBIDDEN if (@$failures > 0);
+       return back_to_login($cgi) if (@$failures > 0);
 
        # they're good, let 'em through
        return Apache2::Const::DECLINED;
 }
 
+sub back_to_login {
+    my $cgi = shift;
+    print $cgi->redirect(
+        -uri=>$cgi->url,
+        -cookie=>$cgi->cookie(
+            -name=>'ses',
+            -value=>'',
+            -path=>'/',-expires=>'-1h'
+        )
+    );
+    return Apache2::Const::REDIRECT;
+}
+
 # returns the user object if the session is valid, 0 otherwise
 sub verify_login {
        my $auth_token = shift;
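Review bot: `back_to_login` only expires the `ses` cookie in the browser and does nothing to end the session on the server, so a token that reached `return back_to_login($cgi) if (@$failures > 0);` presumably stays valid until the auth service times it out. If that is intended, say so above the sub in the style of the `verify_login` comment, e.g. `# expires the browser's ses cookie and redirects to the login page; the server-side session is not ended here`. A permission failure is now also answered exactly like an authentication failure, so an authenticated user without the required permissions gets no 403 and no explanation; please confirm that is wanted. The redirect target comes from `$cgi->url`, which CGI.pm builds from the request's host information, so the vhost should answer only for the expected host names.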